Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Algorithm constraints check failed on signature algorithm: MD5withRSA

Tags:

java

aem

Today I want to use the HttpClient to call Hybris interface in the AEM. But I get the error message "java.security.cert.CertPathValidatorException: Algorithm constraints check failed on signature algorithm: MD5withRSA".

In this line throw a exception "java.security.cert.CertPathValidatorException: Algorithm constraints check failed on signature algorithm: MD5withRSA".

httpClient.executeMethod(request);

I changed the below there properties to empty in the java.security file(C:\Program Files\Java\jdk1.8.0_191\jre\lib\security\java.security), but it doesn't work.

jdk.certpath.disabledAlgorithms
jdk.tls.disabledAlgorithms
jdk.jar.disabledAlgorithms

MY JDK Version : jdk1.8.0_191

Is anyone know how to fix it?

Thanks, Forrest

like image 708
Forrest Li Avatar asked Dec 06 '25 22:12

Forrest Li

2 Answers

Aside: the jdk.jar.disabledAlgorithm property is not relevant to this issue.

Make certain you've actually changed the file as seen by the program.

  • Modern versions of Windows (IIRC since Vista, maybe Seven) don't like files under \Program Files and \Program Files (x86) being written by anything but an installer program. One thing they do at least sometimes is 'virtualize' such writes, to a different file hidden somewhere under per-user %appdata%. Search and you'll find lots of similar problems and frustrations.

  • Call Security.getProperty() to check the setting actually seen in your program.

If you can't fix the setting in the standard file, you can override it in another file (put somewhere more convenient) by setting sysprop (not secprop) java.security.properties=filename or by calling Security.setProperty() early in your program (before the JSSE/PKIX classes are loaded). See:
Relaxing SSL algorithm constrains programatically
Java - Lock down TLS version in java.security, but allow per app override via launch config?

Alternatively, JDK doesn't really need to be in \Program Files*. I put it in another top-level directory and don't have these issues.

And of course tell whoever is responsible for the server they are way behind the times :-)

like image 186
dave_thompson_085 Avatar answered Dec 08 '25 11:12

dave_thompson_085

Hi @dave_thompson_085,

Thanks to your replay. I have fixed this issue with the below steps.

  1. I Used command "where java" to check which JDK is I am really using.

  2. I reinstalled that JDK.

  3. I removed MD5 from "jdk.certpath.disabledAlgorithms", removed MD5withRSA from "jdk.tls.disabledAlgorithms"

  4. removed "C:\Program Files (x86)\Common Files\Oracle\Java\javapath;" from path of the System variables

  5. restart the computer, then this issue is fixed.

Thanks, Forrest

like image 22
Forrest Li Avatar answered Dec 08 '25 11:12

Forrest Li

Sign in to Comment

Related questions

how to load class from one another application in android
How to clone object in java [duplicate]
Multicast in java
Is there any way to return polymorphic this in Java?
Apache Kafka: seek and assignment. Reliable read from beginning
In the Java class DecimalFormat, what do the hashtags at the left side of the decimal do?
Spring boot 2 testing json serialzation
How to convert Map<String, String> to RequestBody?
store top k results from count-min-sketch

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!